CVE-2013-3633 Information

Description

A vulnerability has been identified in SCALANCE X-200 switch family (incl. SIPLUS NET variants) (Versions V5.0.0 for CVE-2013-3633 and versions V4.5.0 for CVE-2013-3634) SCALANCE X-200IRT switch family (incl. SIPLUS NET variants) (All versions V5.1.0). The user privileges for the web interface are only enforced on client side and not properly verified on server side. Therefore an attacker is able to execute privileged commands using an unprivileged account.

Reference

https://cert-portal.siemens.com/productcert/pdf/ssa-170686.pdf